If you’ve built a custom website using WordPress, perhaps you’ve created some pages like “Login,” “Register,” “Modify Profile” and so on. While this gives you the power to use WordPress template files, it also makes your system somewhat user-prone.
What if a user changes a permalink or deletes the page altogether?
In this Weekend WordPress Project I’ll explore a way of preventing this, while also providing a better user experience.
The plan is that there will be a set of a pages not visible to anyone, including admins. How we put this in place can differ greatly:
- You could create these pages programmatically using the
- You could create the pages and then put the hiding in place
- You could create a new user role who does see all pages but any other role – including admins – don’t see the special ones
- You could check when a post is deleted using the
delete_posthook and simply re-create it or prevent deletion if it is a special page
I will choose to show number three here because I believe it provides the best user experience for the developer and the end user.
The other aspect of this we need to think about is how we determine what a special page is. We have a couple of options:
- Define a list of IDs
- Define a list of post names
- Use a category or taxonomy to indicate special pages
I chose option 3 here also because it gives me the most flexibility. Maintaining a set of IDs or post names is not something I want to do – the less error-prone the better. Taxonomy terms can be assigned from the WordPress backend so I can do all the management there.
Step 0 – Create a Plugin
All the code required for this example to work can be added to your theme’s
functions.php file. While this is fine for testing or for custom built projects, it is perhaps best to add the code to a plugin.
If you don’t know how to create a plugin take a look at out getting started with plugin development article, it has all the info you need to get started.
Step 1 – Create a New Role
We should only try and create a new role once, when our plugin is activated. This can be done by using the
register_activation_hook() function. Here’s how:
We copy all the capabilities of the admin role and add them to our new custom role. I’ve also added a custom capability – be_overlord – to make sure we have a custom capability when using the
Note that if you’ve already activated your plugin you can remove the hook and just run the function by itself to create the role.
Step 2 – Create a Custom Taxonomy
To create a custom taxonomy we’ll use the
register_taxonomy() function. You can read all about it in the WordPress Codex, but the example below should be easy to understand.
The only unusual feature in the code above is the definition of the
$show_ui variable. We want the taxonomy to always be available but we don’t want regular users to be able to assign them. Therefore if someone is logged in as an overlord we’ll show the user interface, otherwise we’ll hide it.
Finally, let’s create a term, which we’ll assign to our special pages. I chose to call this “System Page.” Create it and assign it to all pages you would like to hide in the admin.
Step 3 – Modify the Admin Post List
The final step is to make sure WordPress excludes our system pages from the admin. This can be done with the
pre_get_posts hook. Beware, this hook can potentially affect all queries on your site, from your homepage to your admin. Use the proper conditional tags as I have done in the example below:
The idea here is that
pre_get_posts allows us to modify queries before they are run. We hook into the query, making sure to modify only the one we want by using conditional tags. In our case we check to make sure we are in the admin, the post type is “page” and the current user is not the overlord.
We then set a taxonomy query using the
set() method available in the
WP_Query class. If you’d like a more detailed look at WordPress queries take a look at our article titled An in-depth guide to conquering WP_Query.
All done! We now have a user-friendly way of specifying pages that no one – not even admins – can touch. As overlords we can log in and manage these pages as needed of course.
The benefit of this method is that it gets out of the way for regular users but retains the flexibility to let overlords manage things from the backend.
Do you have any tips of tricks for managing pages? Let us know in the comments below.
- A Quick and Easy Guide To Creating WordPress Admin Pages A great settings page can give a plugin personality, while…
- How to Display Post and Page IDs in the WordPress Admin The automatic display of post and page IDs went out…
- How to Hide WordPress Custom Fields on Posts and Pages If you want to keep the post edit screen as…